--- a/MozillaFirefox/MozillaFirefox.changes	Mon Apr 16 14:56:32 2012 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes	Wed Apr 25 13:47:56 2012 +0200
@@ -1,7 +1,47 @@
 -------------------------------------------------------------------
-Sun Apr 15 08:16:22 UTC 2012 - wr@rosenauer.org
-
-- update to Aurora 13 (20120414)
+Wed Apr 25 11:45:10 UTC 2012 - wr@rosenauer.org
+
+- update to Aurora 14 (20120425)
+
+-------------------------------------------------------------------
+Sat Apr 21 10:02:37 UTC 2012 - wr@rosenauer.org
+
+- update to Firefox 12.0 (bnc#758408)
+  * rebased patches
+  * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468
+    Miscellaneous memory safety hazards
+  * MFSA 2012-22/CVE-2012-0469 (bmo#738985)
+    use-after-free in IDBKeyRange
+  * MFSA 2012-23/CVE-2012-0470 (bmo#734288)
+    Invalid frees causes heap corruption in gfxImageSurface
+  * MFSA 2012-24/CVE-2012-0471 (bmo#715319)
+    Potential XSS via multibyte content processing errors
+  * MFSA 2012-25/CVE-2012-0472 (bmo#744480)
+    Potential memory corruption during font rendering using cairo-dwrite
+  * MFSA 2012-26/CVE-2012-0473 (bmo#743475)
+    WebGL.drawElements may read illegal video memory due to
+    FindMaxUshortElement error
+  * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307)
+    Page load short-circuit can lead to XSS
+  * MFSA 2012-28/CVE-2012-0475 (bmo#694576)
+    Ambiguous IPv6 in Origin headers may bypass webserver access
+    restrictions
+  * MFSA 2012-29/CVE-2012-0477 (bmo#718573)
+    Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
+  * MFSA 2012-30/CVE-2012-0478 (bmo#727547)
+    Crash with WebGL content using textImage2D
+  * MFSA 2012-31/CVE-2011-3062 (bmo#739925)
+    Off-by-one error in OpenType Sanitizer
+  * MFSA 2012-32/CVE-2011-1187 (bmo#624621)
+    HTTP Redirections and remote content can be read by javascript errors
+  * MFSA 2012-33/CVE-2012-0479 (bmo#714631)
+    Potential site identity spoofing when loading RSS and Atom feeds
+- added mozilla-libnotify.patch to allow fallback from libnotify
+  to xul based events if no notification-daemon is running
+- gcc 4.7 fixes
+  * mozilla-gcc47.patch
+  * disabled crashreporter temporarily for Factory
+- recommend libcanberra0 for proper sound notifications
 
 -------------------------------------------------------------------
 Fri Mar  9 21:47:07 UTC 2012 - wr@rosenauer.org

--- a/MozillaFirefox/MozillaFirefox.spec	Mon Apr 16 14:56:32 2012 +0200
+++ b/MozillaFirefox/MozillaFirefox.spec	Wed Apr 25 13:47:56 2012 +0200
@@ -17,8 +17,8 @@
 #
 
 
-%define major 12
-%define mainver %major.99
+%define major 13
+%define mainver %major.98
 %define update_channel aurora
 
 Name:           MozillaFirefox
@@ -49,7 +49,7 @@
 BuildRequires:  nss-shared-helper-devel
 Version:        %{mainver}
 Release:        0
-%define         releasedate 2012041400
+%define         releasedate 2012042500
 Provides:       firefox = %{mainver}
 Provides:       firefox = %{version}-%{release}
 Provides:       web_browser
@@ -127,9 +127,13 @@
 %define branding 0
 %define localize 1
 %ifarch ppc ppc64 s390 s390x ia64 %arm
-%define crashreporter    0
+%define crashreporter 0
 %else
-%define crashreporter    1
+%define crashreporter 1
+%endif
+# temporary gcc 4.7
+%if %suse_version > 1210
+%define crashreporter 0
 %endif
 ### build options end
 
@@ -165,7 +169,7 @@
 %package translations-other
 Summary:        Extra translations for MozillaFirefox
 Group:          System/Localization
-Provides:       locale(%{name}:af;ak;as;ast;be;bg;bn_BD;bn_IN;br;bs;csb;cy;el;en_ZA;eo;es_MX;et;eu;fa;fy_NL;ga_IE;gd;gl;gu_IN;he;hi_IN;hr;hy_AM;id;is;kk;kn;ku;lg;lij;lt;lv;mai;mk;ml;mn;mr;nn_NO;nso;or;pa_IN;rm;ro;si;sk;sl;son;sq;sr;sw;ta;ta_LK;te;th;tr;uk;vi;zu)
+Provides:       locale(%{name}:af;ak;as;ast;be;bg;bn_BD;bn_IN;br;bs;csb;cy;el;en_ZA;eo;es_MX;et;eu;fa;fy_NL;ga_IE;gd;gl;gu_IN;he;hi_IN;hr;hy_AM;id;is;kk;km;kn;ku;lg;lij;lt;lv;mai;mk;ml;mn;mr;nn_NO;nso;or;pa_IN;rm;ro;si;sk;sl;son;sq;sr;sw;ta;ta_LK;te;th;tr;uk;vi;zu)
 Requires:       %{name} = %{version}
 Obsoletes:      %{name}-translations < %{version}-%{release}
 

--- a/MozillaFirefox/create-tar.sh	Mon Apr 16 14:56:32 2012 +0200
+++ b/MozillaFirefox/create-tar.sh	Wed Apr 25 13:47:56 2012 +0200
@@ -3,7 +3,7 @@
 CHANNEL="aurora"
 BRANCH="releases/mozilla-$CHANNEL"
 RELEASE_TAG="default"
-VERSION="12.99"
+VERSION="13.98"
 
 # mozilla
 echo "cloning $BRANCH..."

--- a/xulrunner/create-tar.sh	Mon Apr 16 14:56:32 2012 +0200
+++ b/xulrunner/create-tar.sh	Wed Apr 25 13:47:56 2012 +0200
@@ -1,9 +1,9 @@
 #!/bin/bash
 
-CHANNEL="beta"
+CHANNEL="aurora"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_12_0b3_RELEASE"
-VERSION="11.99"
+RELEASE_TAG="default"
+VERSION="13.98"
 
 # mozilla
 hg clone http://hg.mozilla.org/$BRANCH mozilla

--- a/xulrunner/xulrunner.changes	Mon Apr 16 14:56:32 2012 +0200
+++ b/xulrunner/xulrunner.changes	Wed Apr 25 13:47:56 2012 +0200
@@ -1,3 +1,42 @@
+-------------------------------------------------------------------
+Sat Apr 21 10:03:42 UTC 2012 - wr@rosenauer.org
+
+- update to 12.0 (bnc#758408)
+  * rebased patches
+  * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468
+    Miscellaneous memory safety hazards
+  * MFSA 2012-22/CVE-2012-0469 (bmo#738985)
+    use-after-free in IDBKeyRange
+  * MFSA 2012-23/CVE-2012-0470 (bmo#734288)
+    Invalid frees causes heap corruption in gfxImageSurface
+  * MFSA 2012-24/CVE-2012-0471 (bmo#715319)
+    Potential XSS via multibyte content processing errors
+  * MFSA 2012-25/CVE-2012-0472 (bmo#744480)
+    Potential memory corruption during font rendering using cairo-dwrite
+  * MFSA 2012-26/CVE-2012-0473 (bmo#743475)
+    WebGL.drawElements may read illegal video memory due to
+    FindMaxUshortElement error
+  * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307)
+    Page load short-circuit can lead to XSS
+  * MFSA 2012-28/CVE-2012-0475 (bmo#694576)
+    Ambiguous IPv6 in Origin headers may bypass webserver access
+    restrictions
+  * MFSA 2012-29/CVE-2012-0477 (bmo#718573)
+    Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
+  * MFSA 2012-30/CVE-2012-0478 (bmo#727547)
+    Crash with WebGL content using textImage2D
+  * MFSA 2012-31/CVE-2011-3062 (bmo#739925)
+    Off-by-one error in OpenType Sanitizer
+  * MFSA 2012-32/CVE-2011-1187 (bmo#624621)
+    HTTP Redirections and remote content can be read by javascript errors
+  * MFSA 2012-33/CVE-2012-0479 (bmo#714631)
+    Potential site identity spoofing when loading RSS and Atom feeds
+- added mozilla-libnotify.patch to allow fallback from libnotify
+  to xul based events if no notification-daemon is running
+- gcc 4.7 fixes
+  * mozilla-gcc47.patch
+  * disabled crashreporter temporarily for Factory
+
 -------------------------------------------------------------------
 Fri Mar  9 21:49:05 UTC 2012 - wr@rosenauer.org
 

--- a/xulrunner/xulrunner.spec	Mon Apr 16 14:56:32 2012 +0200
+++ b/xulrunner/xulrunner.spec	Wed Apr 25 13:47:56 2012 +0200
@@ -43,13 +43,13 @@
 BuildRequires:  wireless-tools
 %endif
 BuildRequires:  mozilla-nspr-devel >= 4.9.0
-BuildRequires:  mozilla-nss-devel >= 3.13.3
-Version:        12.99
+BuildRequires:  mozilla-nss-devel >= 3.13.4
+Version:        13.98
 Release:        0
-%define         releasedate 2012032100
-%define         version_internal 13.0
-%define         apiversion 13
-%define         uaweight 1300000
+%define         releasedate 2012042500
+%define         version_internal 14.0
+%define         apiversion 14
+%define         uaweight 1400000
 Summary:        Mozilla Runtime Environment
 License:        MPL-1.1 or GPL-2.0+ or LGPL-2.1+
 Group:          Productivity/Other